7 Network Working Group T. Howes
8 Request for Comments: 1488 University of Michigan
12 Performance Systems International
18 The X.500 String Representation of Standard Attribute Syntaxes
22 This RFC specifies an IAB standards track protocol for the Internet
23 community, and requests discussion and suggestions for improvements.
24 Please refer to the current edition of the "IAB Official Protocol
25 Standards" for the standardization state and status of this protocol.
26 Distribution of this memo is unlimited.
30 The Lightweight Directory Access Protocol (LDAP) [9] requires that
31 the contents of AttributeValue fields in protocol elements be octet
32 strings. This document defines the requirements that must be
33 satisfied by encoding rules used to render Directory attribute
34 syntaxes into a form suitable for use in the LDAP, then goes on to
35 define the encoding rules for the standard set of attribute syntaxes
36 defined in [1,2] and [3].
38 1. Attribute Syntax Encoding Requirements
40 This section defines general requirements for lightweight directory
41 protocol attribute syntax encodings. All documents defining attribute
42 syntax encodings for use by the lightweight directory protocols are
43 expected to conform to these requirements.
45 The encoding rules defined for a given attribute syntax must produce
46 octet strings. To the greatest extent possible, encoded octet
47 strings should be usable in their native encoded form for display
48 purposes. In particular, encoding rules for attribute syntaxes
49 defining non-binary values should produce strings that can be
50 displayed with little or no translation by clients implementing the
51 lightweight directory protocols.
58 Howes, Kille, Yeong & Robbins [Page 1]
60 RFC 1488 X.500 Syntax Encoding July 1993
63 2. Standard Attribute Syntax Encodings
65 For the purposes of defining the encoding rules for the standard
66 attribute syntaxes, the following auxiliary BNF definitions will be
69 <a> ::= 'a' | 'b' | 'c' | 'd' | 'e' | 'f' | 'g' | 'h' | 'i' |
70 'j' | 'k' | 'l' | 'm' | 'n' | 'o' | 'p' | 'q' | 'r' |
71 's' | 't' | 'u' | 'v' | 'w' | 'x' | 'y' | 'z' | 'A' |
72 'B' | 'C' | 'D' | 'E' | 'F' | 'G' | 'H' | 'I' | 'J' |
73 'K' | 'L' | 'M' | 'N' | 'O' | 'P' | 'Q' | 'R' | 'S' |
74 'T' | 'U' | 'V' | 'W' | 'X' | 'Y' | 'Z'
76 <d> ::= '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9'
78 <hex-digit> ::= <d> | 'a' | 'b' | 'c' | 'd' | 'e' | 'f' |
79 'A' | 'B' | 'C' | 'D' | 'E' | 'F'
81 <k> ::= <a> | <d> | '-'
83 <p> ::= <a> | <d> | ''' | '(' | ')' | '+' | ',' | '-' | '.' |
86 <CRLF> ::= The ASCII newline character with hexadecimal value 0x0A
88 <letterstring> ::= <a> | <a> <letterstring>
90 <numericstring> ::= <d> | <d> <numericstring>
92 <keystring> ::= <a> | <a> <anhstring>
94 <anhstring> ::= <k> | <k> <anhstring>
96 <printablestring> ::= <p> | <p> <printablestring>
98 <space> ::= ' ' | ' ' <space>
102 Values of type Undefined are encoded as if they were values of type
105 2.2. Case Ignore String
107 A string of type caseIgnoreStringSyntax is encoded as the string
114 Howes, Kille, Yeong & Robbins [Page 2]
116 RFC 1488 X.500 Syntax Encoding July 1993
119 2.3. Case Exact String
121 The encoding of a string of type caseExactStringSyntax is the string
124 2.4. Printable String
126 The encoding of a string of type printableStringSyntax is the string
131 The encoding of a string of type numericStringSyntax is the string
136 The encoding of a string of type octetStringSyntax is the string
139 2.7. Case Ignore IA5 String
141 The encoding of a string of type caseIgnoreIA5String is the string
146 The encoding of a string of type iA5StringSyntax is the string value
151 The encoding of a string of type t61StringSyntax is the string value
154 2.10. Case Ignore List
156 Values of type caseIgnoreListSyntax are encoded according to the
159 <caseignorelist> ::= <caseignorestring> |
160 <caseignorestring> '$' <caseignorelist>
162 <caseignorestring> ::= a string encoded according to the rules
163 for Case Ignore String as above.
170 Howes, Kille, Yeong & Robbins [Page 3]
172 RFC 1488 X.500 Syntax Encoding July 1993
175 2.11. Case Exact List
177 Values of type caseExactListSyntax are encoded according to the
180 <caseexactlist> ::= <caseexactstring> |
181 <caseexactstring> '$' <caseexactlist>
183 <caseexactstring> ::= a string encoded according to the rules for
184 Case Exact String as above.
186 2.12. Distinguished Name
188 Values of type distinguishedNameSyntax are encoded to have the
189 representation defined in [5].
193 Values of type booleanSyntax are encoded according to the following
196 <boolean> ::= "TRUE" | "FALSE"
198 Boolean values have an encoding of "TRUE" if they are logically true,
199 and have an encoding of "FALSE" otherwise.
203 Values of type integerSyntax are encoded as the decimal
204 representation of their values, with each decimal digit represented
205 by the its character equivalent. So the digit 1 is represented by the
208 2.15. Object Identifier
210 Values of type objectIdentifierSyntax are encoded according to the
213 <oid> ::= <descr> | <descr> '.' <numericoid> | <numericoid>
215 <descr> ::= <keystring>
217 <numericoid> ::= <numericstring> | <numericstring> '.' <numericoid>
219 In the above BNF, <descr> is the syntactic representation of an
220 object descriptor. When encoding values of type
221 objectIdentifierSyntax, the first encoding option should be used in
222 preference to the second, which should be used in preference to the
226 Howes, Kille, Yeong & Robbins [Page 4]
228 RFC 1488 X.500 Syntax Encoding July 1993
231 third wherever possible. That is, in encoding object identifiers,
232 object descriptors (where assigned and known by the implementation)
233 should be used in preference to numeric oids to the greatest extent
234 possible. For example, in encoding the object identifier representing
235 an organizationName, the descriptor "organizationName" is preferable
236 to "ds.4.10", which is in turn preferable to the string "2.5.4.10".
238 2.16. Telephone Number
240 Values of type telephoneNumberSyntax are encoded as if they were
241 Printable String types.
245 Values of type telexNumberSyntax are encoded according to the
248 <telex-number> ::= <actual-number> '$' <country> '$' <answerback>
250 <actual-number> ::= <printablestring>
252 <country> ::= <printablestring>
254 <answerback> ::= <printablestring>
256 In the above, <actual-number> is the syntactic representation of the
257 number portion of the TELEX number being encoded, <country> is the
258 TELEX country code, and <answerback> is the answerback code of a
261 2.18. Teletex Terminal Identifier
263 Values of type teletexTerminalIdentifier are encoded according to the
266 <teletex-id> ::= <printablestring> 0*( '$' <printablestring>)
268 In the above, the first <printablestring> is the encoding of the
269 first portion of the teletex terminal identifier to be encoded, and
270 the subsequent 0 or more <printablestrings> are subsequent portions
271 of the teletex terminal identifier.
273 2.19. Facsimile Telephone Number
275 Values of type FacsimileTelephoneNumber are encoded according to the
278 <fax-number> ::= <printablestring> [ '$' <faxparameters> ]
282 Howes, Kille, Yeong & Robbins [Page 5]
284 RFC 1488 X.500 Syntax Encoding July 1993
287 <faxparameters> ::= <faxparm> | <faxparm> '$' <faxparameters>
289 <faxparm> ::= 'twoDimensional' | 'fineResolution' | 'unlimitedLength' |
290 'b4Length' | 'a3Width' | 'b4Width' | 'uncompressed'
292 In the above, the first <printablestring> is the actual fax number,
293 and the <faxparm> tokens represent fax parameters.
295 2.20. Presentation Address
297 Values of type PresentationAddress are encoded to have the
298 representation described in [6].
302 Values of type uTCTimeSyntax are encoded as if they were Printable
303 Strings with the strings containing a UTCTime value.
305 2.22. Guide (search guide)
307 Values of type Guide, such as values of the searchGuide attribute,
308 are encoded according to the following BNF:
310 <guide-value> ::= [ <object-class> '#' ] <criteria>
312 <object-class> ::= an encoded value of type objectIdentifierSyntax
314 <criteria> ::= <criteria-item> | <criteria-set> | '!' <criteria>
316 <criteria-set> ::= [ '(' ] <criteria> '&' <criteria-set> [ ')' ] |
317 [ '(' ] <criteria> '|' <criteria-set> [ ')' ]
319 <criteria-item> ::= [ '(' ] <attributetype> '$' <match-type> [ ')' ]
321 <match-type> ::= "EQ" | "SUBSTR" | "GE" | "LE" | "APPROX"
325 Values of type PostalAddress are encoded according to the following BNF:
327 <postal-address> ::= <t61string> | <t61string> '$' <postal-address>
329 In the above, each <t61string> component of a postal address value is
330 encoded as a value of type t61StringSyntax.
338 Howes, Kille, Yeong & Robbins [Page 6]
340 RFC 1488 X.500 Syntax Encoding July 1993
345 Values of type userPasswordSyntax are encoded as if they were of type
348 2.25. User Certificate
350 Values of type userCertificate are encoded according to the following
353 <certificate> ::= <signature> '#' <issuer> '#' <validity> '#' <subject>
354 '#' <public-key-info>
356 <signature> ::= <algorithm-id>
358 <issuer> ::= an encoded Distinguished Name
360 <validity> ::= <not-before-time> '#' <not-after-time>
362 <not-before-time> ::= <utc-time>
364 <not-after-time> ::= <utc-time>
366 <algorithm-parameters> ::= <null> | <integervalue> |
369 <subject> ::= an encoded Distinguished Name
371 <public-key-info> ::= <algorithm-id> '#' <encrypted-value>
373 <encrypted-value> ::= <hex-string> | <hex-string> '-' <d>
375 <algorithm-id> ::= <oid> '#' <algorithm-parameters>
377 <utc-time> ::= an encoded UTCTime value
379 <hex-string> ::= <hex-digit> | <hex-digit> <hex-string>
383 Values of type cACertificate are encoded as if the values were of
384 type userCertificate.
386 2.27. Authority Revocation List
388 Values of type authorityRevocationList are encoded according to the
394 Howes, Kille, Yeong & Robbins [Page 7]
396 RFC 1488 X.500 Syntax Encoding July 1993
399 <certificate-list> ::= <signature> '#' <issuer> '#'
400 <utc-time> [ '#' <revoked-certificates> ]
402 <revoked-certificates> ::= <algorithm> '#' <encrypted-value>
403 [ '#' 0*(<revoked-certificate>) '#']
405 <revoked-certificates> ::= <subject> '#' <algorithm> '#'
406 <serial> '#' <utc-time>
408 The syntactic components <algorithm>, <issuer>, <encrypted-value>,
409 <utc-time>, <subject> and <serial> have the same definitions as in
410 the BNF for the userCertificate attribute syntax.
412 2.28. Certificate Revocation List
414 Values of type certificateRevocationList are encoded as if the values
415 were of type authorityRevocationList.
417 2.29. Cross Certificate Pair
419 Values of type crossCertificatePair are encoded according to the
422 <certificate-pair> ::= <certificate> '|' <certificate>
424 The syntactic component <certificate> has the same definition as in
425 the BNF for the userCertificate attribute syntax.
427 2.30. Delivery Method
429 Values of type deliveryMethod are encoded according to the following
432 <delivery-value> ::= <pdm> | <pdm> '$' <delivery-value>
434 <pdm> ::= 'any' | 'mhs' | 'physical' | 'telex' | 'teletex' |
435 'g3fax' | 'g4fax' | 'ia5' | 'videotex' | 'telephone'
439 Values of the type otherMailboxSyntax are encoded according to the
442 <otherMailbox> ::= <mailbox-type> '$' <mailbox>
444 <mailbox-type> ::= an encoded Printable String
446 <mailbox> ::= an encoded IA5 String
450 Howes, Kille, Yeong & Robbins [Page 8]
452 RFC 1488 X.500 Syntax Encoding July 1993
455 In the above, <mailbox-type> represents the type of mail system in
456 which the mailbox resides, for example "Internet" or "MCIMail"; and
457 <mailbox> is the actual mailbox in the mail system defined by
460 2.32. Mail Preference
462 Values of type mailPreferenceOption are encoded according to the
465 <mail-preference> ::= "NO-LISTS" | "ANY-LIST" | "PROFESSIONAL-LISTS"
469 Values of type MHS OR Address are encoded as strings, according to
470 the format defined in [10].
474 Values of type Photo are encoded as if they were octet strings
475 containing JPEG images in the JPEG File Interchange Format (JFIF), as
480 Values of type Fax are encoded as if they were octet strings
481 containing Group 3 Fax images as defined in [7].
485 Many of the attribute syntax encodings defined in this document are
486 adapted from those used in the QUIPU X.500 implementation. The
487 contribu- tions of the authors of the QUIPU implementation in the
488 specification of the QUIPU syntaxes [4] are gratefully acknowledged.
492 [1] The Directory: Selected Attribute Syntaxes. CCITT,
493 Recommendation X.520.
495 [2] Information Processing Systems -- Open Systems Interconnection --
496 The Directory: Selected Attribute Syntaxes.
498 [3] Barker, P., and S. Kille, "The COSINE and Internet X.500 Schema",
499 RFC 1274, University College London, November 1991.
501 [4] The ISO Development Environment: User's Manual -- Volume 5:
502 QUIPU. Colin Robbins, Stephen E. Kille.
506 Howes, Kille, Yeong & Robbins [Page 9]
508 RFC 1488 X.500 Syntax Encoding July 1993
511 [5] Kille, S., "A String Representation of Distinguished Names", RFC
514 [6] Kille, S., "A String Representation for Presentation Addresses",
515 RFC 1278, University College London, November 1991.
517 [7] Terminal Equipment and Protocols for Telematic Services -
518 Standardization of Group 3 facsimile apparatus for document
519 transmission. CCITT, Recommendation T.4.
521 [8] JPEG File Interchange Format (Version 1.02). Eric Hamilton, C-
522 Cube Microsystems, Milpitas, CA, September 1, 1992.
524 [9] Yeong, W., Howes, T., and S. Kille, "Lightweight Directory Access
525 Protocol", RFC 1487, Performance Systems International,
526 University of Michigan, ISODE Consortium, July 1993.
528 [10] Kille, S., "Mapping between X.400(1988)/ISO 10021 and RFC 822",
529 RFC 1327, University College London, May 1992.
531 5. Security Considerations
533 Security issues are not discussed in this memo.
562 Howes, Kille, Yeong & Robbins [Page 10]
564 RFC 1488 X.500 Syntax Encoding July 1993
567 6. Authors' Addresses
570 University of Michigan
573 Ann Arbor, MI 48103-4943
576 Phone: +1 313 747-4454
587 Phone: +44-71-223-4062
588 EMail: S.Kille@isode.com
593 510 Huntmar Park Drive
597 Phone: +1 703-450-8001
598 EMail: yeongw@psilink.com
618 Howes, Kille, Yeong & Robbins [Page 11]